From owner-FreeBSD-users-jp@jp.FreeBSD.org Mon Jan 21 13:06:44 2002
Received: (from daemon@localhost)
	by castle.jp.FreeBSD.org (8.11.6+3.4W/8.11.3) id g0L46ir53175;
	Mon, 21 Jan 2002 13:06:44 +0900 (JST)
	(envelope-from owner-FreeBSD-users-jp@jp.FreeBSD.org)
Received: from tech1.nextcom.co.jp (tech1.nextcom.co.jp [202.16.200.193])
	by castle.jp.FreeBSD.org (8.11.6+3.4W/8.11.3) with SMTP/inet id g0L46gm53169
	for <FreeBSD-users-jp@jp.FreeBSD.org>; Mon, 21 Jan 2002 13:06:43 +0900 (JST)
	(envelope-from masuda-m@nextcom.co.jp)
Received: (qmail 26640 invoked from network); 21 Jan 2002 04:06:39 -0000
Received: from unknown (HELO nextcom.co.jp) (192.168.176.4)
  by tech1.nextcom.co.jp with SMTP; 21 Jan 2002 04:06:39 -0000
Received: (qmail 56495 invoked from network); 21 Jan 2002 04:06:39 -0000
Received: from unknown (HELO nextcom.co.jp) (192.168.190.211)
  by intra.nextcom.co.jp with SMTP; 21 Jan 2002 04:06:39 -0000
Message-ID: <3C4B93CE.D219D2FE@nextcom.co.jp>
Date: Mon, 21 Jan 2002 13:06:38 +0900
From: "Masuda,Masashi" <masuda-m@nextcom.co.jp>
Organization: NextCom K.K. IT System Div.
X-Mailer: Mozilla 4.78 [ja] (Windows NT 5.0; U)
X-Accept-Language: ja,en
MIME-Version: 1.0
To: FreeBSD-users-jp@jp.FreeBSD.org
References: <20020121102244.0ACD.YMATSU@netlinks.co.jp>
Content-Type: text/plain; charset=iso-2022-jp
Content-Transfer-Encoding: 7bit
Reply-To: FreeBSD-users-jp@jp.FreeBSD.org
Precedence: list
X-Distribute: distribute version 2.1 (Alpha) patchlevel 24e+011218
X-Sequence: FreeBSD-users-jp 66526
Subject: [FreeBSD-users-jp 66526] Re: ipfw + 	natd
 =?ISO-2022-JP?B?GyRCJCxGMDpuQ2YkSyQqJCskNyQvJEokaxsoQg==?=
Errors-To: owner-FreeBSD-users-jp@jp.FreeBSD.org
Sender: owner-FreeBSD-users-jp@jp.FreeBSD.org
X-Originator: masuda-m@nextcom.co.jp

ipfw $B$M$?$K$O?)$$$D$-$,NI$$$,(Bnatd $B$O$<$s$<$sCN$i$J$$A}ED!w2q<R$G$9!#(B


$B$^$D$b$H$f$?$+(B wrote:
> $B%m%0$r8+$?$j$7$?$N$G$9$,$A$g$C$H5$$K$J$k$N$O!$(B/var/log/security$B$N(B
> 
> Jan 16 21:44:12 keeper natd[236]: failed to write packet back (Permission denied)

$B!c$6$C$/$j>JN,!d(B

> 04500  200  15200 allow udp from me to any 123
> 65535    1    576 deny ip from any to any

$B$<$s$<$s%R%s%H$K$J$i$J$$$H;W$$$^$9$,!"$H$j$"$($:(B/etc/rc.firewall $B$K(B
$B0J2<$N9T$rDI2C$7$F!"$I$s$J%Q%1%C%H$,0z$C$+$+$k$+$8$C$/$jD/$a$F$_$F$O!)(B

${fwcmd} add  655534 deny log  all from any to any


-- 
/* NextCom K.K. IT System Div. Masuda,Masashi <masuda-m@nextcom.co.jp>
                       phone: +81-3-5977-0872 fax: +81-3-5977-0906   */

$B!t%Q%1%C%H$N5$;}$A$K$J$C$F9M$($h$&(B
